Among them:
* Kitten’s Spaminator, which combines tarpitting (making multiple comments from the same source take longer and longer to post, in order to slow down bots), and a “three strikes” method, where the spammers IP is blocked after three spams.

Kittens Spam Words, which gives you a “delete as spam” option, which automatically adds the email address, URL, and IP address to your Spam Words File.

The Jabber support in Twisted needs some patches here and there. One of the patches is stringprep support for JIDs, a must-have.
Twisted development is in a state of flux, as their upcoming 2.0 release will probably be split up in several packages, and the Jabber modules have been moved around. Also, dizzyd, who wrote the Jabber support for Twisted is busy with non-Jabber stuff, and I have to somehow get my patches in Twisted’s codebase. I’ll try and coordinate this with dizzyd in the coming week or so. In the meanwhile, I’ll probably have to distribute my patches to Twisted along in the Idavoll release, but I am not sure how to go about that, yet. For now, just checkout the code from the CVS repository, and give it a whirl. I will be more than happy to do some hand-holding.

In particular, is this bit of coolness: SoapBox. This is an LD_PRELOAD wrapper that monitors and records what changes an application makes to the filesystem. I’ve been looking for something like this for forever. It looks like you can place limits on what the user is allowed to do, too, making this a handy intermediary between a DAC system and going to a full MAC system.

DWall is a shorewall-like iptables front-end. This might be a replacement for shorewall in UMLazi.

DStat is kind of a cross between sar and vmstat/iostat. Might be easier to modify than sar.

I’d like to share a word on communication. We’ve decided to start with Jabber (www.jabber.org) as the communication layer between the various components. Jabber is great because it can be as simple as you want while allowing for practically limitless expansion. Given the open nature of Jabber, for example, we could write our own server components that ‘plug in’ to the jabber server and perform additional tasks on messages besides simply routing them through the messaging network.

The trick to sysadminning is doing the most with the least amount of home-written code. That’s how you make it a fun challenge. Anyone can brute force a problem. The skill– and the fun– is in solving it with style.

Sysadmin Thought Challenge –
Here’s a theoretical problem. How do you solve it?
“Let’s say you have 500 machines, and 5000 users. How do you do authentication?”

Why not take it a step farther? Heck, set up challenges, and provide the machines (UMLs) to do them.

I love seaplanes. I think it’s incredibly cool to be able to land anywhere there’s a large enough body of water. This is why I want to get a pilot’s license. Just so I can get a seaplane rating, and head out to sea.

Travelers in Vancouver, BC:

The seaplane airfield in Sechelt, BC:

This next one has a good story behind it. On this plane were a Cowboy American couple, heading to Whistler for vacation, and an old man in a nice suit. We boarded the plane, and were talking about who should sit in the copilot’s seat (which is usually held by a passenger on these tiny planes).

Cowboy: “Anyone know how to fly?
Old man: “I can.”
Cowboy: “Oh? Did you fly in the war?”
The old man nods his head.
Cowboy: “Did you shoot down many Germans?”
The old man chuckles and says, in a barely-perceptable-but-obviously-there german accent, “No, not many.”

Jeremy Bowers (author of iRights) is doing great work on connecting Jabber to Radio. Lots of mind bombs here. Most of the IM crowd can’t see beyond simple chat etc., but the real gold is in making connections possible. Connecting desktop Web apps is the future of Jabber. [John Robb's Radio Weblog]

We’re actually going to hook lots of non-web apps together, too. Jabber is what DCE, CORBA, RMI, etc., could have been if they were open, simple, and had a natural ability to span firewalls, yet still be secure.

Now, IM is a way that we get our platform promulgated, but it’s also a key feature that other application-integration approaches don’t have. If users are running an application to chat with their friends, and tell if their friends are online, applications can use the same services to interact with users…

Jabber brings users and applications together with applications and users.

Is there a perl module for generating sendmail-style QID strings? That would be useful for any queuing system, especially the Jabber message queuer. If you encoded the time in there (in hex?) you could insure chronological order. I’m thinking jabber queue client here.

If you want an unprivileged process to be able to signal a privileged process in a well defined way, you can create a directory of “switches”. Files that the unprivileged can touch, and that the privileged can see. If you watch that directory with DNOTIFY, then the privileged process would know about the change in real time.

Logsurfer would make a great event correlation engine. Send all events into a log file (or set of log files) on a single host, and write logic to trigger events if events happen in order, or don’t happen within time periods of each other. Send as many events as possible through it. Start off with simple logic, then write tools to generate more complicated logic.

While we’re underestimating the amount of work involved in writing an event correlator, write a set of rules for every daemon. Write event generators for every daemon. Make “init” spawn events when processes start and stop! Write logsurfer rules on each client to generate events that go to The Correlator.

In Host Configuration Directories, like UMLazi uses, we don’t have a way of “commenting out” values. We can rename them to .files though!

Fluxbox lets you tab together xterms and other windows. What if it gave you the ability to mirror xevents to windows that were tabbed together? What’s stopping us from writing an X application that does that does that?

It would be freaking awesome if “screen” and “xterm” were aware of each other. So that you could use the xterm scrollbar (and thus, a mousewheel) to scroll back through screen history.

UMLFaq – This is going nowhere fast. I want this to be a compendium of UML knowledge, but thus far I’ve only posted a single entry. It takes a lot of energy to write FAQs.

UMLForge –
I don’t know what to do with this. I pictured it as a place where people could just request a UML. The problem with that is that they could be used for evil, and that I would rapidly run out of processor and memory for new UMLs. The answer to this might be to set up a timesharing system. Request a UML, and it’ll create one and stick your Public Key on it. You get it for an hour. After that, it suspends to disk, and you have to request more time. That could be fun. I don’t know how useful it would be.
Hey, what if this was a UMLForge system, where anyone could set up one of their machines as a UMLForge Node, and contribute UMLs to the common good? Hmm.. Again with the usefulness test: What good is a temporary UML? What problem does this solve?

The Jabber Monitoring and Management System –
Sysadmins write tons of custom scripts and processes in order to automate their jobs, but the monitoring around those scripts and processes is almost always either nonexistent or sub-par. We need a better way to discover problems, notify the appropriate personnel, and automatically fix when possible.

November 1st, I start working for Nike in Beaverton, OR. I have very little idea of what I’ll be doing (outside of normal sysadmin stuff), but I do know that every time I’m paged out of bed, I’ll be getting paid for it. Yay contracting.

This marks the beginning of my return to Portland, which means, in no particular order:
* Selling the house in Tampa.
* Figuring out the bus system between home and work
* Making a good impression on my coworkers
* Distilling my possessions down to the absolute minimum, and shipping those to Portland.
* Finding a place to live in Portland.
* Re-examining my investment goals to take into account my new income.

I had a wisdom tooth removed Tuesday, and dang did that suck. Not so much the procedure, but the recovery. It wasn’t as bad as it might’ve been (pain was tolerable without Vicodin in just 8 hours), but I still have this oozing open wound in my mouth that I don’t know what to do with. I don’t dare chew with that side of my mouth. I don’t know how long I’m supposed to go easy on it. They say the stitches will dissolve in 9-14 days, and I’ll be fully recovered in 6-9 weeks. I guess I just have to be careful for a while!

Oh, the procedure for a tooth extraction (when the tooth is already all the way in) goes something like this:
* X-Ray
* Lidocaine
* Novocaine
* More novocaine
* Blindfold
* A rubber block in your mouth, to keep you from biting the dentist.
* A bunch of yanking
* Stitches
* About an hour of numbness, after which you damn well better have some vicodin in your system.

Gallery
This week I switched my gallery from Menalto Gallery to Coppermine. I still have a bit to learn about it, and some more rearranging to do (now that I have more options in rearranging), but wow. It looks great, the theming is awesome, and so many features! Check it out!

Portland
A couple of weeks ago, I took a covert trip to Portland, OR, my home town, where I met up with a bunch of old friends (who I keep in daily contact with through a chat server). Only 195 pictures to show for two weeks up there, and most of them were taken by a friend (heck the BEST ones were taken by my friend. :) Of all the pictures taken with my camera while I was up there, the ones by David are the best, since they have, well, actual people in them. I’m pretty shy when it comes to photographing people.

Rats
Also, over the weekend, I scored two new pet rats from Bella, in Orlando. She breeds the best rodents. Always well mannered, extremely friendly, and amazingly long-lived (for rats). Below is “Sumi-e”, a dumbo-eared black self rat, being kissed by Bella’s granddaughter Isabella. We also got a berkshire fawn we’ve named Ponzu. Pictures of him later.